Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

9ff57806ea...0N.exe

windows7-x64

7

9ff57806ea...0N.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9ff57806ea71ea1b177fd434931277c0N.exe

  • Size

    1.1MB

  • Sample

    240715-hhf2sswcre

  • MD5

    9ff57806ea71ea1b177fd434931277c0

  • SHA1

    41f59dc85fc750e63af13000086e99bf81edb676

  • SHA256

    a204bcc3cfdbeac2774ab19c3103978ce9a8bc62b3145a429f231444ea863316

  • SHA512

    cda797f7d9b126df69133a0d3bab8ff7564f62dc1c48320037c1a498be5054a3e2a52a0adcddb7696caf5fdbd4e770f9c3f818f44bd39ffcdb2e59b3561dfc09

  • SSDEEP

    24576:2w5ylAUz6bMP54tWsPyPd+ZGN9OQocMMeQyYDqyI/2V+P/v6rkyQ9W:h0SUWLyPdEGLRHZe1OMsk7W

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      9ff57806ea71ea1b177fd434931277c0N.exe

    • Size

      1.1MB

    • MD5

      9ff57806ea71ea1b177fd434931277c0

    • SHA1

      41f59dc85fc750e63af13000086e99bf81edb676

    • SHA256

      a204bcc3cfdbeac2774ab19c3103978ce9a8bc62b3145a429f231444ea863316

    • SHA512

      cda797f7d9b126df69133a0d3bab8ff7564f62dc1c48320037c1a498be5054a3e2a52a0adcddb7696caf5fdbd4e770f9c3f818f44bd39ffcdb2e59b3561dfc09

    • SSDEEP

      24576:2w5ylAUz6bMP54tWsPyPd+ZGN9OQocMMeQyYDqyI/2V+P/v6rkyQ9W:h0SUWLyPdEGLRHZe1OMsk7W

    Score
    7/10
    persistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks